Se connecter / S'enregistrer
Votre question

msupdate et sans doutes d'autres virus [résolu]

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
2 Janvier 2008 00:12:12

Bonjour,
je viens de chopper le virus de msupdate.exe (je l'ai supprimé de démarrage et j'ai terminé les processus mais il va revenir d'après ce que j'ai vu) et je pense avoir d'autres vers...

J'ai lancé un rapport Hijackthis mais je ne suis encore qu'un novice pour cet outil et j'ai peur de faire des conneries^^

voila mon rapport, merci d'avance pour vos coups de mains:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:58:16, on 01/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
C:\Program Files\Pack Securite\Common\FSMA32.EXE
C:\Program Files\Pack Securite\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Pack Securite\Common\FCH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
C:\Program Files\Pack Securite\Common\FAMEH32.EXE
C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
C:\Program Files\Pack Securite\FSPC\fspc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\EACCEL~1\Station\station.exe
C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft IIS] C:\WINDOWS\system32\syshost.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PhiBtn] %SystemRoot%\System32\drivers\PhiBtn.exe
O4 - HKLM\..\Run: [Traymin900] %SystemRoot%\System32\drivers\Tray900.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [SoftwareStation] "C:\Program Files\eAcceleration\Station\station.exe" /b Startup
O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
O4 - HKLM\..\Run: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll",VerifyStatus
O4 - HKLM\..\Run: [webscan] "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
O4 - HKLM\..\RunOnce: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll",VerifyStatus /ro
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.touslesdrivers.com/fichiers/hardwaredetectio...
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.cabourg.net/meteocam/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EA5C39A-C959-4413-8938-16D365523434}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3EA5C39A-C959-4413-8938-16D365523434}: NameServer = 192.168.1.1
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 10188 bytes

Autres pages sur : msupdate doutes virus resolu

2 Janvier 2008 00:16:07

Bonjour


Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double clique combofix.exe et suis les invites.
Lorsque le scan sera complété, un rapport apparaîtra.

Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis.
2 Janvier 2008 00:30:42

Le problème c'est que les fichier .exe ne marchent plus, il faut indiquer avec quoi l'ouvrir. Je n'arrive donc pas à exécuter ComboFix.
Contenus similaires
2 Janvier 2008 00:34:37

Comment as tu fait pour Hijackthis ?
2 Janvier 2008 00:37:18

Pour Hijackthis je lui ai dit de s'ouvrir par lui même, ça fonctionne donc, par contre pour Combofix, pour fonctionner il lance plusieurs .exe (cmd, nircmd...) et la ma technique ne marche plus, il ne se passe rien sur la commande...
2 Janvier 2008 01:11:19

Bon, j'ai réussi à supprimer le virus syshost.exe avec hijackthis.

Niveau virus c'est bon j'ai redémarré et plus rien.

Par contre j'ai toujours le problème des .exe qui ne se lancent pas... Faut-il modifier la clé de registre ou un truc du genre?
2 Janvier 2008 11:34:06

Problème résolu !!! :bounce: 

Je suis allé dans la clé de base de registre: HKEY_CLASSES_ROOT\exefile\shell\open\command
et j'ai modifié (par défaut) en mettant "%1" %*

Et maintenant, plus aucun problème, tout est normal :sol: 


(désolé pour le triple post ;)  )
2 Janvier 2008 23:43:32

Bonjour

Fais le scan avec Combofix si cela fonctionne, il reste des infections.
3 Janvier 2008 11:37:18

Ok je vais faire ça, merci pour tes conseils !!!
3 Janvier 2008 12:41:15

Voila le rapport ComboFix:

ComboFix 08-01-03.3 - Thib et Ben 2008-01-03 12:24:51.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.99 [GMT 1:00]
Running from: C:\Documents and Settings\Thib et Ben\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Thib et Ben\Application Data\EHMD5.dll
C:\Documents and Settings\Thib et Ben\Application Data\rbap450.dll
C:\Documents and Settings\Thib et Ben\Application Data\rbqt450.DLL
C:\Documents and Settings\Thib et Ben\Application Data\RBShell400.dll
C:\WINDOWS\pp.exe
C:\WINDOWS\regedit.com
C:\WINDOWS\system32\drivers\PhiBtn.exe
C:\WINDOWS\system32\drivers\Tray900.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-03 to 2008-01-03 ))))))))))))))))))))))))))))))))))))
.

2008-01-03 12:22 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-02 20:17 . 2008-01-02 20:19 <REP> d-------- C:\Program Files\Power Defragmenter
2008-01-02 11:07 . 2001-08-23 17:46 66,048 --a------ C:\WINDOWS\system32\dllcache\s3legacy.dll
2008-01-01 23:01 . 2008-01-01 23:01 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-02 16:45 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-01-01 01:05 --------- d-----w C:\Program Files\eMule
2007-12-22 16:09 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Lavasoft
2007-12-22 16:06 --------- d-----w C:\Program Files\EA SPORTS
2007-11-24 08:51 --------- d-----w C:\Program Files\MoodLogic
2007-11-21 16:44 --------- d-----w C:\Program Files\Diablo II
2007-11-20 16:06 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-20 16:06 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2007-11-18 18:18 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-04 17:11 --------- d-----w C:\Program Files\Magic Swf2Gif
2007-11-04 16:44 --------- d-----w C:\Program Files\e-anim701
2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-10-10 23:49 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-10-10 23:49 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-10-10 23:49 6,065,664 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-10-10 23:49 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-10-10 23:49 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-10-10 23:49 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-10-10 23:49 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-10-10 23:49 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-10-10 23:49 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-10-10 23:49 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-10-10 23:49 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-10-10 23:49 232,960 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-10-10 23:49 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-10-10 23:49 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-10-10 23:49 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-10-10 23:49 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-10-10 23:49 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-10-10 23:49 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2007-10-10 23:49 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2007-10-10 23:49 102,400 ------w C:\WINDOWS\system32\dllcache\occache.dll
2007-10-10 23:49 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-10-10 11:00 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-10-10 11:00 625,152 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-10-10 10:59 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-10-10 05:46 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-07-02 13:00 24,278,048 ----a-w C:\Program Files\dotnetfx.exe
2007-05-01 11:47 53,760 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSPicturePlugin.dll
2007-05-01 11:47 52,224 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\EHZComp.dll
2007-05-01 11:47 48,128 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSResPlugin.dll
2007-05-01 11:47 43,520 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSQTImporterPlugin.dll
2007-05-01 11:47 38,912 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSQuickTimePlugin.dll
2007-05-01 11:47 36,864 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSRegistryPlugin.dll
2007-05-01 11:47 36,864 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSPictureMacPlugin.dll
2007-05-01 11:47 36,352 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSMainPlugin.dll
2007-05-01 11:47 31,232 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSProcessPlugin.dll
2007-05-01 11:47 28,672 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSRectPlugin.dll
2007-05-01 11:47 28,672 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSMemoryPlugin.dll
2007-05-01 11:47 28,160 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSMacOSXPlugin.dll
2007-05-01 11:47 26,624 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSUsernamePlugin.dll
2007-05-01 11:47 26,112 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSRegistrationPlugin.dll
2007-05-01 11:47 25,088 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSPluginVersionPlugin.dll
2007-05-01 11:47 18,432 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\EHEncrypt.dll
2007-05-01 11:47 115,712 ---ha-w C:\Documents and Settings\Thib et Ben\Application Data\MBSJPEGDecompressionPlugin.dll
2006-12-13 22:41 12,876 ----a-w C:\Program Files\Lisez-moi.txt
2006-03-22 09:14 1,587,114 ----a-w C:\Program Files\photofiltre.exe
2006-01-04 15:18 11,817,800 ----a-w C:\Program Files\google-earth_google_earth_3.0.0762_beta_anglais_14783.exe
2005-12-24 13:42 48,410,384 ----a-w C:\Program Files\directx_dec2005_redist.exe
2005-11-02 16:05 10,240 -csha-w C:\WINDOWS\rnapxs\rnapxs.dat
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\Money Express.exe" [1999-08-03 23:00 127040]
"Update Service"="C:\Program Files\Fichiers communs\Teknum Systems\update.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 11:22 7700480]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"F-Secure Manager"="C:\Program Files\Pack Securite\Common\FSM32.exe" [2005-05-09 08:05 118833]
"F-Secure TNB"="C:\Program Files\Pack Securite\TNB\TNBUtil.exe" [2005-06-02 14:05 700416]
"F-Secure Startup Wizard"="C:\Program Files\Pack Securite\FSGUI\FSSW.exe" [2005-09-05 14:00 372736]
"nwiz"="nwiz.exe" [2006-10-22 11:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 16:10 110592 C:\WINDOWS\system32\bthprops.cpl]
"PhiBtn"="C:\WINDOWS\System32\drivers\PhiBtn.exe" [ ]
"Traymin900"="C:\WINDOWS\System32\drivers\Tray900.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 18:58 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36 256576]
"PinnacleDriverCheck"="C:\WINDOWS\system32\\PSDrvCheck.exe" [2004-03-11 01:26 406016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00 132496]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 11:22 86016]
"LyraHD2TrayApp"="C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe" [2004-12-06 12:22 290816]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
EPSON Status Monitor 3 Environment Check 2.lnk - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE [2005-10-30 14:22:06]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 08:15:56]
Pack Securite.lnk - C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe [2005-11-02 16:39:19]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"= 1 (0x1)
"AllowUnhashedWebView"= 1 (0x1)

R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-08-22 14:05]
R0 PxHelper;PxHelper;C:\WINDOWS\system32\drivers\PxHelper.sys [2002-02-27 00:24]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 13:46]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 16:11]
R2 BackWeb Plug-in - 361343;Pack Securite;C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE [2005-11-02 16:38]
R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSfilter.sys [2004-09-10 16:14]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSgk.sys [2007-05-30 10:39]
R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSrec.sys [2004-12-17 10:34]
R3 CICHAUD;NEC ICH 3D Environmental Audio;C:\WINDOWS\system32\drivers\cichaud.sys [2001-09-20 10:30]
R3 CICHHALA;CICHHALA;C:\WINDOWS\system32\drivers\cichhal.sys [2001-09-20 10:35]
R3 PALLADIA;Palladia 300/400 Usb Adsl Modem;C:\WINDOWS\system32\DRIVERS\usbiad.sys [2004-07-14 02:52]
S3 camvid40;Philips SPC 900NC PC Camera;C:\WINDOWS\system32\DRIVERS\camdrv41.sys [2005-08-25 18:28]
S3 JL2005C;Dual Mode Camera;C:\WINDOWS\system32\Drivers\jl2005c.sys []
S3 nenum13E;nenum13E;C:\DOCUME~1\THIBET~1\LOCALS~1\Temp\nenum13E.sys [1979-02-25 21:18]
S3 V90drv;v90drv;C:\WINDOWS\system32\DRIVERS\v90drv.sys [2001-11-29 15:09]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\Q]
\Shell\AutoRun\command - Q:\Setup\rsrc\autorun.exe
\Shell\dinstall\command - Q:\Directx\dxsetup.exe

*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-12-31 10:42:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2005-11-05 17:35:01 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2005-10-29 18:30:00 C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-03 12:31:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-03 12:33:48
ComboFix-quarantined-files.txt 2008-01-03 11:33:22
.
2007-12-12 20:18:35 --- E O F ---
3 Janvier 2008 18:47:13

Bien, Combofix a fait du ménage.

Poste un nouveau rapport Hijackthis.
4 Janvier 2008 15:18:09

Nouveau rapport Hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:17:28, on 04/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
C:\Program Files\Pack Securite\Common\FSMA32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Pack Securite\Common\FSMB32.EXE
C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Pack Securite\Common\FCH32.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Pack Securite\Common\FAMEH32.EXE
C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
C:\Program Files\Pack Securite\FSPC\fspc.exe
C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
C:\Program Files\Pack Securite\Common\FSM32.EXE
C:\PROGRA~1\PACKSE~1\ANTI-S~1\fsaw.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PhiBtn] %SystemRoot%\System32\drivers\PhiBtn.exe
O4 - HKLM\..\Run: [Traymin900] %SystemRoot%\System32\drivers\Tray900.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://www.touslesdrivers.com/fichiers/hardwaredetectio...
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.cabourg.net/meteocam/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EA5C39A-C959-4413-8938-16D365523434}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3EA5C39A-C959-4413-8938-16D365523434}: NameServer = 192.168.1.1
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 9571 bytes
4 Janvier 2008 22:57:15

Re


Plus rien dans Hijackthis.

On termine.

Télécharge DrWeb
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

La version est automatiquement à jour.
Installe le.
Lance le.
Une analyse des processus se lance.
Ensuite, choisis le lecteur à scanner et lance l'analyse.

Poste le rapport.
5 Janvier 2008 18:40:47

Rapport DrWeb:

clicclic.exe;C:\Documents and Settings\Thib et Ben\Bureau\jeux;Joke.Buttons;;
Everest Poker.exe;C:\Documents and Settings\Thib et Ben\Mes documents\Benoît;Adware.Casino;;
survey_1.exe;C:\Documents and Settings\Valdalbian\Mes documents\Michel\divers info -CV etc;Joke.Opros;;
POSTOOBE.NEC;C:\DRIVERS;VBS.Generic.278;Supprimé.;
steaminstall.exe;C:\Valve\Condition Zero;Trojan.DownLoader.2105;Irréparable.Quarantaine.;
SYSHOST.0XE;C:\WINDOWS\system32;BackDoor.BankSpy;Supprimé.;
5 Janvier 2008 21:33:59

As tu encore des dsyfonctionnements ?
5 Janvier 2008 21:45:54

Non, je crois qu'il n'y a plus de problème. Ca a fait un grand nettoyage.

Merci beaucoup pour ton aide :) 
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS